CodeCow/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2026-06-12 21:00:58 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
11.6
zulip/zerver
History
Mateusz Mandera 6f8df7fe32 rocketchat: Fix path traversal bug via emoji names. 
(cherry picked from commit 1bd80b37d65d5644f360c8f03b4752fa4da7ac94)
2026-03-31 15:31:57 -04:00
..
actions CVE-2026-25742: Anonymous file access after disabling spectator access. 2026-03-31 15:31:57 -04:00
data_import rocketchat: Fix path traversal bug via emoji names. 2026-03-31 15:31:57 -04:00
lib import_realm: Reset special user permissions at import time. 2026-03-31 15:31:57 -04:00
management backup: Handle PORT being numeric now. 2025-12-17 15:06:53 -05:00
migrations migrations: Move schema creation and search_path into pre_migrate hook. 2026-01-20 15:50:53 -08:00
models import_realm: Reset special user permissions at import time. 2026-03-31 15:31:57 -04:00
openapi api: Clarify that display_icon can be a relative URL. 2025-11-20 15:38:06 -08:00
tests rocketchat: Fix path traversal bug via emoji names. 2026-03-31 15:31:57 -04:00
tornado ruff: Fix SIM910 Use d.get(k) instead of d.get(k, None). 2026-02-09 16:26:05 -05:00
transaction_tests test_user_groups: Add durable=True to the independent transaction. 2024-11-21 14:55:15 -08:00
views requirements: Upgrade Python requirements. 2026-02-09 16:26:05 -05:00
webhooks ruff: Fix SIM910 Use d.get(k) instead of d.get(k, None). 2026-02-09 16:26:05 -05:00
worker uploads: Pass target_realm down, so S3 can set correct metadata. 2026-01-20 15:50:53 -08:00
__init__.py django: Upgrade Zulip to Django 3.2 LTS. 2021-05-03 08:36:22 -07:00
apps.py migrations: Move schema creation and search_path into pre_migrate hook. 2026-01-20 15:50:53 -08:00
checks.py checks: Name the required settings better when running in Docker. 2026-03-30 14:34:49 -04:00
context_processors.py realm_creation_form: Capture import_from if realm import enabled. 2025-04-30 00:06:43 -07:00
decorator.py integrations: Prevent logging of MissingHTTPEventHeaderError. 2025-06-06 18:06:06 -07:00
filters.py filters: Do not report AVATAR_SALT, or other salts. 2025-03-13 09:36:07 -07:00
forms.py i18n: Swap three docs for ellipsis. 2025-07-30 13:45:53 +00:00
logging_handlers.py ruff: Fix UP007 Use X | Y for type annotations. 2024-07-13 22:28:22 -07:00
middleware.py ruff: Fix SIM910 Use d.get(k) instead of d.get(k, None). 2026-02-09 16:26:05 -05:00
signals.py send_email: Set the Date header according to local enqueue time. 2025-03-10 16:48:08 -07:00